Vanguard Configuration Manager - Continuous Monitoring of System z Security Configuration Controls

Vanguard Configuration Manager is an automated software scanner that enables continuous monitoring of System z security configuration settings. The software supports implementing and utilizing the z/OS and RACF configuration checklist from the National Checklist Program (NCP) of the National Institute of Standards and Technology (NIST) and the Department of Homeland Security (DHS).

Vanguard Configuration Manager significantly reduces the cost and time required for government agencies and contractors to test and assess their compliance with NCP guidelines for IBM® z/OS and RACF. Since April of 2011, the NCP recognizes the Security Technical Implementation Guidelines (STIG), based upon the Defense Information Systems Agency (DISA) STIGs for z/OS and RACF, as the minimum required configuration controls for z/OS and RACF systems. Vanguard Configuration Manager is the only fully automated scanner for the z/OS and RACF STIGs.

Organizations using Vanguard Configuration Manager are saving thousands of hours each year when performing quarterly NCP and/or DISA STIG assessments. Those that implement continuous monitoring will save tens or hundreds of thousands of hours each year by deploying Vanguard Configuration Manager.

Vanguard Configuration Manager provides the following benefits:

Source documents requiring Federal Agencies and their Outsourcers to report on compliance with the DISA STIGs for mainframes.


  • Dramatically reduces the costs of configuration control testing and reporting based on NIST/DHS standards.
  • Significantly enhances z/OS security.
  • Provides built-in intelligence about z/OS and RACF STIG details.
  • Automates the testing of more than 300 System z STIG checks.
  • Produces accurate DISA STIG compliance reports in minutes.
  • Enables implementation of continuous monitoring.
  • Easy to deploy and use.
  • Reduces human error in the compliance checking and reporting process.

Read the Vanguard Configuration Manager Case Studies

FISMA Requirements for Information and Information Resources

  • OMB FY 2010 Reporting Instructions for the Federal Act and Agency Privacy
    Management NIST Standards and Guidelines "11. Is use of National Institute of Standards and Technology (NIST) publications required?""Yes. For non-national security programs and information systems, agencies must follow NIST standards and guidelines. For legacy information systems, agencies are expected to be in compliance with NIST standards and guidelines within one year of the publication date unless otherwise directed by OMB. The one year compliance date for revisions to NIST publications applies only to the new and/or updated material in the publications. For information systems under development or for legacy systems undergoing significant changes, agencies are expected to be in compliance with the NIST publications immediately upon deployment of the information system." See OMB M-10-15

  • "Technical Security. Agencies should assure that each system appropriately uses effective security products and techniques, consistent with standards and guidance from NIST." See OMB Circular A-130, Appendix III

  • The NIST standard and guidance on security configuration control checklists: "Federal agencies are required to use appropriate security configuration checklists from the National Checklist Program when available." See NIST SP 800-70, pages ES-1 and ES-2

  • Vanguard Configuration Manager supports implementing and utilizing the z/OS RACF checklist provided by the National Checklist Program of NIST and DHS. See the National Vulnerability Database National Checklist Program.

  • Read about the NIST FISMA implementation Project.


Terms of Use © 2005 - 2016 Vanguard Integrity Professionals - Nevada All Rights Reserved.